Best practice firmware upgrade for multiple devices
In Nebula it's possible to configure a firmware upgrade schedule. What's the best practice to perform firmware upgrades for multiple devices at the same Nebula site? Do I have to take care that multiple devices do not perform firmware upgrades simultaneously if they could lose internet connectivity during firmware upgrade of another device?
Example 1: There are 2 NWA50AX access points, one as root (wired connection) and one as mesh repeater (wireless connection only). If I schedule the firmware upgrade for both access points at the same time, could this run into trouble if the root access point will reboot and the repeater will lose connectivity while it is also performing the upgrade?
Example 2: There are 2 switches, switch 1 is connected directly to the firewall and switch 2 is connected to switch 1. Both are scheduled to perform their firmware upgrades at the same time. In this case switch 2 can also lose internet connectivity during its firmware upgrade while switch 1 is rebooting for its own firmware upgrade. Could this cause any problems?
0
Accepted Solution
-
Hi @mstar,
I suggest you can upgrade the repeater access points first and then upgrade the root access point.
This flow can make sure all devices have been upgraded to the latest firmware version since the repeater access point might upgrade fail due to disconnection.
Zyxel Melen0
All Replies
-
If the operation is scheduled, i suggest to consider these things...
- don't upgrade simultaneously all the devices. Best option is to upgrade one device, a small testing period, then upgrade other devices in batches
- From the edge, to the core, unless security concerns.
If something goes wrong on one device closer to the edge, smaller part of the network will be affected. - Don't slack, don't rush.
If you're not experiencing specifically an issue like the one reported into release notes, don't hurry up the upgrade for at least two weeks or more. If any issue will rise during first adoption phase, a subsequent upgrade will be published. But at the release date, schedule at least one test upgrade for one device, only... not that soon.
1 -
Thanks mMontana for your comment, these are really important aspects to think about. I totaly agree with that.I notice that my subject "best practice" was misleading (sorry), because my question was intended more technical to the upgrade process itself: Usually we try to avoid that devices lose internet connectivity while performing a firmware upgrade because the upgrade process could fail and the device won't be able to be controlled remotely anymore.Supposed I have successfully tested the firmware upgrade with some single devices: How will Nebula perform for example the firmware upgrade of repeaters in a smart mesh? When they start their firmware upgrade all at the specified time then the wireless connected repeater access points won't be able to connect to the the internet because the root access point is also performing its firmware upgrade and will need to reboot. Could this cause problems for the repater access points?But maybe all devices will download the new firmware locally before the scheduled firmware upgrade time? Then they should be able to perform the firmware upgrade even if there's no internet connection available for some minutes. I assume this will be the way how the firmware upgrade process is implemented otherwise it would be dangerous to offer upgrade times in Nebula - Site-wide - Configuration - Firmware management. It would be great if someone could confirm or deny that.0
-
Thanks mMontana for your comment, these are really important aspects to think about. I totaly agree with that.I notice that my subject "best practice" was misleading (sorry), because my question was intended more technical to the upgrade process itself: Usually we try to avoid that devices lose internet connectivity while performing a firmware upgrade because the upgrade process could fail and the device won't be able to be controlled remotely anymore.Supposed I have successfully tested the firmware upgrade with some single devices: How will Nebula perform for example the firmware upgrade of repeaters in a smart mesh? When they start their firmware upgrade all at the specified time then the wireless connected repeater access points won't be able to connect to the the internet because the root access point is also performing its firmware upgrade and will need to reboot. Could this cause problems for the repater access points?But maybe all devices will download the new firmware locally before the scheduled firmware upgrade time? Then they should be able to perform the firmware upgrade even if there's no internet connection available for some minutes. I assume this will be the way how the firmware upgrade process is implemented otherwise it would be dangerous to offer upgrade times in Nebula - Site-wide - Configuration - Firmware management. It would be great if someone could confirm or deny that.
0 -
Hi @mstar
Welcome to Zyxel community!
1. The Nebula firmware upgrade will trigger all APs to download the latest firmware at the same time.
2. The firmware upgrade process will retry if the internet connection is disconnected. Once the device retries many times, it will stop the process and discord the temporary firmware file.
3. Disconnection won't cause any problem. But you need to ensure the device won't encounter a power incident when the firmware upgrade is processing.
By the way, thanks for sharing your idea with us. I will help to create a new idea post in Nebula idea category.
Zyxel Melen0 -
Hi @Zyxel_MelenThanks for your description of the Nebula firmware upgrade process! That's really good to know that a disconnected internet connection might stop a firmware upgrade but won't leave the device unresponsible.So whats your recommendation for the upgrade schedule for example in a smart mesh containing 1 wired root access point and some wireless only connected repeater access points?Would it be better to upgrade only the repeater access points in the first step (so they will have permanent internet connection via the root ap) and the root access point in a second step? Upgrading all access points at the same time could probably lead to a faster firmware download on the root access point (highest bandwidth due to its wired connection). This might result in rebooting this device first, while the repeater access points don't have finished downloading?
0 -
Hi @mstar,
I suggest you can upgrade the repeater access points first and then upgrade the root access point.
This flow can make sure all devices have been upgraded to the latest firmware version since the repeater access point might upgrade fail due to disconnection.
Zyxel Melen0 -
Hi @Zyxel_Melen,thank you for confirming that.In your first reply you wrote:"By the way, thanks for sharing your idea with us. I will help to create a new idea post in Nebula idea category."I'm not sure, did you mean I should create a new idea post in Nebula idea category or would you do that?
0 -
mstar said:Hi @Zyxel_Melen,thank you for confirming that.In your first reply you wrote:"By the way, thanks for sharing your idea with us. I will help to create a new idea post in Nebula idea category."I'm not sure, did you mean I should create a new idea post in Nebula idea category or would you do that?
Sorry for the late reply.
I will help to create a new idea post.
Zyxel Melen0
Categories
- All Categories
- 415 Beta Program
- 2.4K Nebula
- 146 Nebula Ideas
- 96 Nebula Status and Incidents
- 5.7K Security
- 262 USG FLEX H Series
- 271 Security Ideas
- 1.4K Switch
- 74 Switch Ideas
- 1.1K Wireless
- 40 Wireless Ideas
- 6.4K Consumer Product
- 249 Service & License
- 387 News and Release
- 84 Security Advisories
- 29 Education Center
- 10 [Campaign] Zyxel Network Detective
- 3.5K FAQ
- 34 Documents
- 34 Nebula Monthly Express
- 85 About Community
- 73 Security Highlight